Securing the Message Broker's Communication

Note: The procedure described below is an optional step for hardening the security of the Sisense Message Broker.

The message broker is responsible for communicating events across Sisense components. To ensure that your communication is secure, RabbitMQ, which Sisense uses as the message broker, supports Transport-Layer-Security (TLS) connections. TLS encrypts traffic between Sisense components and verifies that various Sisense components are authentic.

The communication is encrypted through the use of certificates. You are responsible for generating your certificate bundle, which includes the Certificate Authority (CA file), a certificate (public key) file and a private key file. To encrypt and decrypt traffic, you must provide Sisense with certificate/key pairs in the Sisense Configuration Manager. The following article explains how you can generate TLS certificates.

To enable TLS-connections for the Sisense message broker:

  1. Open the Configuration Manager in your browser located at http://localhost:3030/.
  2. Under the section Message Broker, toggle TLS Enabled to enable TLS support.
  3. Enter the following details:
    Connection String: The connection string to the Sisense message broker. The RabbitMQ uses the AMQP URI Specification for connections.
    CA Certificate: Enter your CA certificate. This is provided when you generate your certificate bundle.
    Private Certificate: Enter your private certificate. This is provided when you generate your certificate bundle.
    Private Key: Enter your private key. This is provided when you generate your certificate bundle.
  4. Click Save.